CVE-2026-24349EPSS p0.0%

CVE-2026-24349CVE-2026-24349

Description

A vulnerability has been identified in SIMATIC WinCC Unified PC Runtime V16 (All versions), SIMATIC WinCC Unified PC Runtime V17 (All versions), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC Unified PC Runtime V19 (All versions), SIMATIC WinCC Unified PC Runtime V20 (All versions), SIMATIC WinCC Unified PC Runtime V21 (All versions < V21 Update 2). Insufficient protection of key material in WinCC Certificate Manager that could allow an attacker to extract sensitive information.

Scoring

CVSS 7.1 ()
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
EPSS0.06% probability of exploitation · percentile 0.0% · 2026-06-15T12:03:41Z
Last modified2026-06-09

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2023-46280
CVE
CVE-2025-41659
CVE
CVE-2026-22924
CVE
CVE-2019-6576
CVE
CVE-2024-54678
CVE
CVE-2025-40771
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.